Ntopng

04/23/2014 10.02.32 IM http.//raymII.org/s/tutorIaIs/ntop-ng-InstaIIatIon-on-buntu.
htmI
Paynii.rg
thttp. ..
raynii.rg..
Oui cutdi ct i p cutdc?
RSS Feed(http://
feedsfeedburnercom/
Raymiiorg)
Search
Support thi s wesi te:
nception Hosting vPS
Affiliate Link(http://
clients.inceptionhosting.co
m/aff.php7aff=083)
Digital Ocean vPS Affiliate
(https://
www.digitalocean.com/7
refcode=7435ae68212)
Home(/s/)
All tems(/s/
everything.html )
Bash(/s/tags/ash.html )
Monitoring(/s/tags/
monitoring.html)
SSL(/s/tags/ssl .html )
Deian(/s/tags/
deian.html )
Python(/s/tags/
python.html )
vPN(/s/tags/vpn. html)
Uuntu(/s/tags/
uuntu.html )
nginx(/s/tags/
nginx.html )
Apache(/s/tags/
apache.html )
Ansile(/s/tags/
ansile.html )
ntp-ng 1.1 intallatin n Ubuntu 1z.O(
Home(../) / Tutorials(../tutorials)
/ ntop-ng 1.1 installation on Uuntu 12.04(ntop-ng-installation-on-
Uuntu.html )
29-11-2013 | Remy van Elst
Screenshots
(https://raymii .org/s/inc/img/ntopng/1.png)
04/23/2014 10.02.32 IM http.//raymII.org/s/tutorIaIs/ntop-ng-InstaIIatIon-on-buntu.htmI
TreeCrid CanII
Download
IanII.com/CanII0harI
Make CanII charIs easily on
your web. Try ouI our live
examples!
(https://
raymii.org/s/inc/img/ntopng/5.png)
This is a guide on installing the latest ntop-ng (1.1) on Uuntu 12.04.
ntopng s the next generaton erson o1 the orgna1 ntop, a network
tra11c probe that shows the network usage, sm1ar to what the
popu1ar top unx command does. ntop s based on 1bpcap and t has
been wrtten n a portab1e way n order to rtua11y run on eery unx
p1at1orm, Mac0Sx and on Wn22 as we11. ntopng users can use a a web
browser to nagate through ntop {that acts as a web serer) tra11c
n1ormaton and get a dump o1 the network status. 1n the 1atter case,
ntop can be seen as a smp1e 8M0u-1ke agent wth an embedded web
nter1ace.
This tutorial will walk you through the compilation and installation of ntopng
from source. The package in the Uuntu 12.04 repositories it quite old.
What can ntopng do7
Sort network traffic according to many protocols
Shownetwork traffic and Pv4/v6 active hosts
Store on disk persistent traffic statistics in RRD format
Ceolocate hosts
Discover application protocols y leveraging on nDP, ntops DP
framework.
Characterise HTTP traffic y leveraging on characterisation services
provided y lock.si .
ShowP traffic distriution among the various protocols
Analyse P traffic and sort it according to the source/destination
Display P Traffic Sunet matrix (who is talking to who7)
Report P protocol usage sorted y protocol type
Act as a NetFlow/sFlowcollector for flows generated y routers (e.g.
Cisco and |uniper) or switches (e.g. Foundry Networks) when used
together with nProe.
Produce HTML5/A|AX network traffic statistics
More information on ntop-ng can e found on their wesite: http://
www.ntop.org/(http://www.ntop.org/)
Contents
This is what we are going to do:
nstall required packages
Download files
Place ntopng-data
Compile ntopng
Create config file
Test ntopng
Place upstart script
Here's what you need:
Uuntu 12.04 installation
Deian 7 also works
This tutorial was written and tested on a DigitalOcean vPS. f you use this you
sponsor me (referral link)(https://www.digitalocean.com/7
refcode=7435ae68212)
Note about checkinstall and packages
We are using checkinstall here to create a deian package of the source we
compile. do this ecause it gives more flexiility in managing the software
afterwards. Upgrading or uninstalling the packages is easier than removing all
the things make install placed. Furthermore, it makes it more clear for other
administrators which software is installed.
f you for example want to upgrade ntop-ng when it was installed via this
tutorial with checkinstall, repeat the tutorial with only the version numer
changed.
nstalling required packages
These are the packages we need to uild and use for ntopng
apt-get nsta11 1bpcap-de 1bg1b2.0-de 1bgeop-de reds-serer
wget 1bxm12-de bu1d-essenta1 checknsta11
Download the files
We need to download oth the data files and the source code. You can
download it from sourceforge(http://sourceforge.net/pro|ects/ntop/files/
ntopng/):
mkdr -p ,usr,1oca1,src
cd ,usr,1oca1,src
wget "http:,,down1oads.source1orge.net,proect,ntop,ntopng,ntopng-
data-1.1_6922.tgz" -0 ntopng-data-1.1.tar.gz
wget "http:,,down1oads.source1orge.net,proect,ntop,ntopng,ntopng-1.1_
6922.tgz" -0 ntopng-1.1.tar.gz
Place ntopng-data
The data files contain files for the we interface like the CeoP dataase. They
are already good, the only thing we need to do is place them:
cd ,usr,1oca1,src
tar -x1 ntopng-data-1.1.tar.gz
cd ntopng-data-1.1_6922
cp -r .,usr,* ,usr
Compile ntopng
The compilation of ntopng itself is a it more work, this is ecause the ntopng
1.1 package includes preuilt .o los for third party tools, proaly y
accident, which will cause you troule when uilding ntopng yourself. We
need to clean those up.
First we extract:
cd ,usr,1oca1,src
tar -x1 ntopng-1.1.tar.gz
cd ntopng-1.1_6922
Then we configure:
.,con1gure
Clean up:
make c1ean
cd thrd-party,son-c
make c1ean
cd ..
cd thrd-party,luaJ11-2.0.2
make c1ean
cd ..
cd thrd-party,rrdtoo1-1.4.7
make c1ean
cd ..
cd thrd-party,zeromq-2.2.2
make c1ean
cd ..
cd thrd-party,creds-0.2.2
make c1ean
cd ..
Start the actual compilation:
make
And install the thing:
checknsta11
The default answers for checkinstall are okay.
Creating the ntopng config file
First we create the required folder:
mkdr -p ,etc,ntopng
There are two files needed. First is ,etc,ntopng,ntopng.start :
--1oca1-networks "172.20.16.0,24"
--nter1ace 1
To see all availale interfaces and options, use the ntopng -h option:
^a1ab1e nter1aces {- ):
1. eth0
2. mbr0
2. enet0
j...
14. any
1S. 1o
Then there is the ,etc,ntopng,ntopng.con1 file:
-6=,ar,run,ntopng.pd
Again, with the ntopng - option you can see all the possile options for use
in this config file.
Before starting the test, make sure redis is started:
,etc,nt.d,reds-serer restart
Test ntopng
f the compilation gave no errors and the config files are places we can start
ntopng and see howit works:
ntopng ,etc,ntopng,ntopng.con1
Use your we rowser to navigate to http:,,your-ntop-box-p:2000 . There
you can login with the username/password como admn,admn .
f this works, and there is data visile as in the screenshots, continue on to set
up the upstart script.
Upstart script
This is a simple upstart script which can e used to start, stop and restart
ntopng. Place it in ,etc,nt,ntopng.con1 :
# ntopng network 11ow ana1yzer
# by https:,,raym.org
descrpton "ntopng network 11ow ana1yzer"
start on rtua1-11esystems
stop on run1ee1 j06
respawn
respawn 1mt S 20
1mt no11e 6SSS0 6SSS0
setud root
setgd root
conso1e 1og
scrpt
exec ,usr,1oca1,bn,ntopng ,etc,ntopng,ntopng.con1
end scrpt
Tags: apache, (../tags/apache.html )lua, (../tags/lua.html )monitoring, (../tags/
monitoring.html )network, (../tags/network.html)ntop, (../tags/ntop.html)ntop-
ng, (../tags/ntop-ng.html)uuntu, (../tags/uuntu.html )
Cenerated y ingsoc(/s/software/ingsoc.html ) | Cluster Status(/s/software/
Sparkling_Network.html ) | Aout(/s/static/Aout.html )

Ntopng

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ntopng

Uploaded by

Copyright:

Available Formats

04/23/2014 10.02.32 IM http.//raymII.org/s/tutorIaIs/ntop-ng-InstaIIatIon-on-buntu.

You might also like